An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team, the administrator suspects that the attacker may be altering the log files and removing evidence of intrusion activity.Which of the following actions will help detect attacker attempts to further alter log files?
A. Enable verbose system logging
B. Change the permissions on the user's home directory
C. Implement remote syslog
D. Set the bash_history log file to "read only"
Answer: C. Implement remote syslog
Computer Science & Information Technology
You might also like to view...
What does it mean to extend a class?
What will be an ideal response?
Computer Science & Information Technology
Answer the following statements true (T) or false (F)
1) A simple view is based on a single table. 2) A complex view is always based on two or more tables. 3) In a sequence, to get the current value with CURRVAL, at least one number must be generated first by using NEXTVAL. 4) If a table is dropped, all indexes based on that table are automatically dropped.
Computer Science & Information Technology